The iSpoof service, which offered phone number spoofing (also called spoofing “), was the subject of a vast police operation which led to the arrest of one hundred and forty-two people around the world, announced Europolwhich coordinated this investigation, Thursday, November 24.
According to UK authorities, iSpoof had been operating since December 2020. In August 2021, an Internet user published a message on a discussion forum known for cybercrime promoting iSpoof, promising many tools for scammers. The post sold, among other things, the ability to make calls by spoofing any number, “including banks”. He assured that it was possible, with this system, to intercept the “OTP” codes, that is to say the double authentication system used by many services and consisting in receiving, for example, a code from his bank to validate a transaction. The publicity made for the tool very strongly suggested that it primarily targeted Internet users wishing to lend themselves to bank fraud.
According to Europol, the administrators of iSpoof would have generated, by selling their services, more than 3.7 million euros in sixteen months, and the British authorities – who announced that they were going to warn all the identified victims – estimate the damage total to more than 115 million euros. The organization also announced that one hundred and forty-two “users and administrators” had been arrested as part of the investigation opened in October 2021 by the European Union’s judicial cooperation unit, Eurojust. Servers were also seized in the Netherlands, says the Dutch police. In France, nine people were taken into police custody and then released as part of a preliminary investigation which is continuing, according to the Paris prosecutor’s office.
A warning left to “customers”
According to Guardian, the man suspected of being the mastermind of this operation, Teejai F., is 34 years old and resides in the metropolis of London. Arrested by British authorities on November 7, he is expected to appear in court on December 6.
The authorities have now not only taken control of the domain names used by iSpoof, but they have also seized the Telegram chat channel used by its operators. On Thursday morning, a message apparently signed by London police was posted there, stating that there are “several months, we had access to the servers [de iSpoof] and obtained data on its customers”. Accompanied by a video, it diverts the codes of the advertisements usually broadcast by the tool of spoofingand ends with the logos of the services that participated in this international operation, warning:
“Did you make calls impersonating? One hundred and forty-two people have already been arrested. Investigation of these data is ongoing. Don’t be surprised if more visits ensue. »